Shell script containing passwords.
Robert Barten
robert at barok.de
Tue Feb 10 08:52:24 PST 2004
On Tue, Feb 10, 2004 at 03:28:14PM +0000, Lewis Thompson wrote:
> On Tue, Feb 10, 2004 at 10:12:09AM -0500, Lowell Gilbert wrote:
> > Lewis Thompson <purple at lewiz.net> writes:
> >
> > > I am worried that because the script must be read/writeable by the
> > > Apache user (www) that anybody that can write a PHP script on my machine
> > > can read the auth script and read the passwords that would be contained
> > > within -- those to my MySQL server.
> >
> > Why would the script be readable or writeable by any user?
> > It only needs to be executable, right?
>
> Well, since it's an interpreted script (it's some standalone PHP) in
> order to execute it, the user must be able to read it. Since the script
> holds passwds that means that any user with the ability to run it can
> get the passwds (in my case to access my MySQL server).
>
> This is a ``flaw'' with the way Apache works because everything Apache
> executes must be +rw for the Apache user (www). As a result any person
> able to write PHP code (all of my users) can read anything that the
> Apache user can, because mod_php executes as the Apache user.
>
> There are security features in PHP (safe_mode) but these conflict with
> a large number of PHP scripts. I'm trying to work it out this way now
> but it's a lot of hassle.
No need for safe_mode, set
php_admin_value open_basedir "/www/dir/to/user/"
in your vhost config, add if desired /tmp/phpupload/:/tmp/phpsession/
suphp doesn't work with mod_php AFAIR
Keep in mind: users (CGI scripts as well) can still browse into other user
directories unless you force them into one group (e.g. users), home to 705
and use SuEXEC.
HTH
--
Robert Barten
More information about the freebsd-questions
mailing list